3 solutions

Solution 1

Of course the valuue stored in the seesion is '+ strTest +' because that is what you assigned to Session["Test"].
What you're trying to achieve will not work this way since the code inside the <% %> is executed on the serverside during rendering of the page and the var strTest = ... bits are javascript are code that is run on the client side (browser). If you want to set the session variable you'll either have to submit the data including that of DropDownList1 or do an AJAX call to your website if the value of the DropDownList1 changes.

Solution 2

I think you misunderstood his question. He wants to access the Session variable through JavaScript which is impossible. This is purely due to that session is encrypted, mainly to guard it off from hackers. Just think, if it was accessible from JavaScript, how many websites will be hacked in a blink :)

But depending on what you want, you might be able to workaround it. A simple method I would think of is, use AJAX to call a server-side method to fetch the value you want from the session. But please, keep it in mind that this is NOT RECOMMENDED. A method that you can call, anyone else can call :) Unless, you authenticate the access.

My advice to you is to use a hidden field in your page to carry the values that you want to process using javascript.

@Manfred: I deleted it myself and posted this as an answer instead. Sorry about that :)

@BobJanova: The point is, in the hidden field, you can store the only data that you want to manipulate. For instance, what he wanted to put in the combo box. Where as, if you expose the session through ajax calls, there will be other information such as session id, flags set to check user levels, authentications, shopping cart info, etc. (in short valuable and restricted information).

So for a hacker, getting hands on the session means laying your website on a table for him to dine the way he wants. Simple example, you store the username of the currently logged user in the session. All he has to do is update the value to another username or simply iterate through all the values that is stored in the session. The possibilities are immense :) But yes, it will be dependent on what functionality he decides to expose :) But the hidden field approach is easier, simpler and safer. That's what I tried to say.

Solution 3

You fundamentally misunderstand what the session is. The session is stored on the server and is used to persist data between page requests from the same user. It is not available on the client side (i.e. in the browser) because the browser is showing one page.

It does not make sense to set session variables in response to client actions, as client actions are occuring within the context of one page and do not need to be persisted between requests.

If you want to take a record of a user's choice, you should submit that choice, either by AJAX or a form submission (depending on the circumstances; AJAX for single values, form submissions for a whole set at once). The server page that responds to that submission might choose to store some information in the session, but it might not.